Pandora has become the latest retailer to suffer a cyber attack, joining a list of companies targeted earlier this year. The premium jeweller confirmed the breach on 5 August, informing customers that “some customer information was accessed through a third-party platform that we use.”
The company clarified that only basic data, such as names, birthdates, and email addresses, were copied by the attacker. Importantly, no passwords or credit card details were involved in the incident.
Earlier this year, the UK’s retail sector experienced a series of cyber attacks, affecting companies like M&S, Harrods, and The Co-op. M&S reported a £300 million impact on annual profits and warned customers of data theft during the attack.
Retailers’ extensive data collection for advertising and outdated security systems have made them attractive targets for hackers. In the pursuit of convenience, scale, and speed, many have under-invested in resilience. Organised cyber groups, such as the resurgent Scattered Spider, are exploiting these vulnerabilities.
Pandora has emphasised its commitment to consumer data protection, stating, “Protecting your privacy is extremely important to us. While incidents like these have unfortunately become more common in recent years, especially among global companies, we take this matter very seriously.”
It seems that the issue of cybersecurity in retail is far from over.
